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Opt-in cryptomining script Coinhive 
'barely used' say researchers 

We wouldn't say 'barely', says Coinhive 


By John Leyden 27 Feb 2018 at 06:31 6 Q SHARE ▼ 



Few sites are bothering to use the opt-in version of Coinhive, the 
controversial ride-along JavaScript crypto-mining package that requires 
end-users' consent to run. 

So said security firm Malware bytes in an analysis emitted on Monday, but 
Coinhive developers disputed those findings and argued that a third of 
cryptomining-using websites get their users' consent. 

Cryptomining sees web pages operators use visitors' computers to mine 
for the Monero cryptocurrency as they surf a site. Sometimes the mining 
is covert, as a result of mining malware infections. Publishers can also 
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run miningware without explicitly telling users about their efforts. On other 
occasions publishers formally tell visitors they're helping it to raise funds 
by running mining code. 

Coinhive tried to make the last cryptomining scenario legit by offering 
software that only works after users opt-in. In October 2017 the outfit 
therefore introduced a new API (AuthedMine) that explicitly requires user 
input for any mining activity to be allowed. 

Data from Malwarebytes, unveiled on 
Monday, said that in January and February 
2018 the opt-in version of Coinhive was 
used by just 40,000 folk each day 
compared to three million users of its silent 
miner. The security software firm adds that 
even sites that do use the opt-in option may 
still be crippling machines by running an 
unthrottled miner, as was the case this 
month of Salon, a news website. 

The developers of Coinhive disputed these figures. “We don't have 
statistics about the exact number of clients, but as for our raw hashrate: 
-35% comes from AuthedMine,” the developers told El Reg m ia Twitter. 
“Many sites still use the classic implementation with their own (non 
intrusive) opt-in or with a prominent opt-out. Ultimately it's the decision of 
the website owners.” 

Malwarebytes' findings were supported by security researcher Troy 
Mursch who said its figures are consistent with his own research. 

The Coinhive crew went on to claim that Malwarebytes blocks 
AuthedMine, too. “Attempts to get this resolved remained unanswered,” 
they said. 

Malwarebytes' The State of Malicious Cryptomining report also notes 
how groups used the WannaCry vulnerabilities to infect servers with 
cryptomining packages, a tactic previously reported by El Reg. ® 



Reg now behind 
invisible HTML5 
Bitcoin paywall 

READ MORE 


https://www.theregister.co.uk/2018/02/27/ethical_coinhive/ 


2/5 



3/3/2018 


Opt-in cryptomining script Coinhive 'barely used' say researchers • The Register 


Bootnote: The "Read More" box above links to our 2017 April Fool's Day 
prank, in which we joked that we'd added cryptomining to the site. Not 
many months later, actual cryptomining became prevalent. 
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And Oracle E-biz suite makes 3: 
Package also vulnerable to exploit 
used by cryptocurrency miner 

Hat trick! 
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